The log shows TCP, UDP or ICMP packet dropped messages

Description

The log shows TCP, UDP or ICMP packet dropped messages

Resolution

TCP, UDP and ICMP packet drops from the WAN (seen in firewall logs) are due to a constant stream of both innocent and malicious attempts to gain entry to your network.

You can get a sense for the overall patterns of this by looking at www.dshield.org. They collate firewall log data from around the world and give statistical summaries for the most attacked ports/protocols. The most commonly attacked ports for the last few years are 135, 137, 80, 1434 and 445. In all cases, the malicious exploits relate to major security holes in Windows hosts (which may be fixed in the latest hotfixes).

You may contact your ISP to investigate perceived malicious activity. Check Microsoft Knowledge Base Article 150543 or www.iana.org/assignments/port-numbers for additional reference on specific TCP/UDP port number assignments.

Related Articles

  • SonicOS 8.1.0 FAQ
    Read More
  • SonicWall GEN8 TZs and GEN8 NSas Settings Migration
    Read More
  • Getting started with SonicWall firewalls
    Read More

Categories

Firewalls
SonicWall NSA Series
Firewalls
SonicWall SuperMassive 9000 Series
Firewalls
SonicWall SuperMassive E10000 Series
Firewalls
TZ Series
not finding your answers?
Ask the Community